Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa
File: 25d38479-752d-418e-a4fb-397c5aa432f8.roa (raw, json)
Hash identifier: pShRyck4s0z1CLHkE7uRLKeFDxgFoz/zwN60foXmL78=
Subject key identifier: B7:3B:98:B6:85:10:F1:9A:BF:9A:23:F7:88:CC:50:B8:C0:82:8E:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5927CD2DDDB8F259B0A75A1517331A408C42FF9F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa
Signing time: Fri 16 May 2025 17:40:12 +0000
ROA not before: Fri 16 May 2025 17:40:12 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:27:cd:2d:dd:b8:f2:59:b0:a7:5a:15:17:33:1a:40:8c:42:ff:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:12 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=dba82bd2244db7a1939a98282874e2f06fb4798721fc253e9daffaa5eed7399c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3d:28:59:d6:bc:0c:9e:07:d1:21:c9:7a:8f:
86:15:d0:e3:ed:c0:68:2b:d7:5e:14:fe:1d:a4:fb:
c0:c2:30:bd:a1:e4:27:a7:e9:6c:ca:ab:ff:5e:ef:
df:d3:5b:d4:9c:13:32:32:0b:dc:d6:79:03:55:5c:
60:97:2e:68:7e:e7:71:49:59:c4:c3:c3:c9:20:0a:
36:c1:5e:2e:ed:61:69:17:d7:e4:1c:39:e7:ac:e8:
8f:28:2c:b3:dd:84:f7:aa:a8:64:6a:67:1e:aa:dd:
03:13:75:c1:2d:a3:af:87:12:35:f0:67:39:43:06:
61:19:cc:61:1b:09:d2:38:cf:ba:3e:e9:e3:a9:b6:
52:a6:41:d0:c0:c7:1b:30:77:1b:59:e2:87:65:5d:
3f:71:9e:ac:ec:6a:ad:7f:46:3c:2d:f3:ca:f5:88:
d1:ac:46:80:e7:c5:6a:c1:22:30:5a:ad:43:a2:39:
c6:57:90:95:63:0c:dd:92:e0:bf:f9:a7:68:1d:11:
26:07:7b:2c:ac:8f:88:ac:90:72:60:02:75:3c:aa:
e3:4b:b7:36:b3:b7:1d:ce:19:82:67:38:09:e8:26:
24:91:28:c6:ad:56:b7:02:1b:f3:43:28:77:c4:ee:
96:9c:43:43:09:7c:95:a2:00:60:0e:f4:5f:f5:f2:
40:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:3B:98:B6:85:10:F1:9A:BF:9A:23:F7:88:CC:50:B8:C0:82:8E:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:800::/40
Signature Algorithm: sha256WithRSAEncryption
14:b7:90:98:29:13:30:65:e4:7d:ed:bf:e5:be:f4:da:2f:86:
3d:33:21:fc:4a:6d:6e:60:34:c6:4a:23:68:75:6b:3d:24:11:
1f:0a:57:58:58:2a:d3:4e:93:31:fb:ec:ab:c8:52:91:7d:b4:
5a:7d:d8:71:40:5b:76:0d:71:db:96:29:6b:1d:fd:d6:88:02:
21:4b:07:bf:b6:ca:ae:0e:42:2e:95:3f:96:31:ed:e6:48:78:
30:53:db:bd:ef:7f:5a:14:35:8b:50:4c:9d:a6:c2:5b:fa:55:
fa:e0:08:d5:a3:c2:fb:2c:36:c3:8d:b7:2c:8c:bd:96:75:60:
6d:6a:59:0f:16:8e:7e:dc:00:52:d9:1e:e5:6a:a2:ef:91:70:
e7:3d:1f:48:5f:3f:cc:6b:68:a8:f1:24:e0:e2:b4:bd:ad:85:
e0:c3:bd:99:57:43:10:83:93:55:52:49:86:f9:ec:7a:ac:a2:
a8:75:6a:5c:f8:a7:95:be:99:f7:a9:ec:0e:e1:58:31:d2:df:
7e:a7:95:9c:f1:cd:b2:1c:fd:17:20:95:15:f0:7c:be:31:2d:
ef:48:52:c1:34:52:09:26:b0:f2:90:c8:9e:48:64:f7:7a:35:
fb:d2:8e:ed:53:d7:24:bf:aa:7b:70:d9:96:72:79:b9:fd:ee:
45:c3:d8:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWSfNLd248lmwp1oVFzMaQIxC/58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwMTJaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiYTgyYmQyMjQ0ZGI3YTE5MzlhOTgyODI4NzRlMmYwNmZiNDc5ODcyMWZj
MjUzZTlkYWZmYWE1ZWVkNzM5OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANg9KFnWvAyeB9EhyXqPhhXQ4+3AaCvXXhT+HaT7wMIwvaHkJ6fpbMqr/17v
39Nb1JwTMjIL3NZ5A1VcYJcuaH7ncUlZxMPDySAKNsFeLu1haRfX5Bw556zojygs
s92E96qoZGpnHqrdAxN1wS2jr4cSNfBnOUMGYRnMYRsJ0jjPuj7p46m2UqZB0MDH
GzB3G1nih2VdP3GerOxqrX9GPC3zyvWI0axGgOfFasEiMFqtQ6I5xleQlWMM3ZLg
v/mnaB0RJgd7LKyPiKyQcmACdTyq40u3NrO3Hc4Zgmc4CegmJJEoxq1WtwIb80Mo
d8TulpxDQwl8laIAYA70X/XyQGUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3O5i2
hRDxmr+aI/eIzFC4wIKOdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjVkMzg0NzktNzUyZC00MThlLWE0ZmItMzk3YzVhYTQzMmY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DII
MA0GCSqGSIb3DQEBCwUAA4IBAQAUt5CYKRMwZeR97b/lvvTaL4Y9MyH8Sm1uYDTG
SiNodWs9JBEfCldYWCrTTpMx++yryFKRfbRafdhxQFt2DXHblilrHf3WiAIhSwe/
tsquDkIulT+WMe3mSHgwU9u9739aFDWLUEydpsJb+lX64AjVo8L7LDbDjbcsjL2W
dWBtalkPFo5+3ABS2R7laqLvkXDnPR9IXz/Ma2io8STg4rS9rYXgw72ZV0MQg5NV
UkmG+ex6rKKodWpc+KeVvpn3qewO4Vgx0t9+p5Wc8c2yHP0XIJUV8Hy+MS3vSFLB
NFIJJrDykMieSGT3ejX70o7tU9ckv6p7cNmWcnm5/e5Fw9ie
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:26:20 2025 by rpki-client